Policies

This section is where you can find our policy documents.

Privacy/Data Protection Policy

New General Data Protection Regulation (GDPR)

Your personal data is important to us here at BACA. On 25 May 2018, the General Data Protection Regulation (GDPR) will be coming into force across the EU. The new regulation gives individuals more control over their personal data. All data processing by BACA is done under the principles of the current Data Protection Act (DPA) and the incoming GDPR.

GDPR Principles

The principles of data protection under the GDPR are similar to those under the Data Protection Act (DPA), but include some extra detail. In summary, these are that personal data shall be:

processed in a lawful, fair and transparent manner

collected for specified, explicit and legitimate purposes, and that there will be no further processing that is incompatible with those purposes (there are some exceptions to this for processing for research, statistical or archiving purposes)

adequate, relevant and limited to what is necessary

accurate and kept up to date

kept in a form allowing identification of data subjects for no longer than is necessary (there are some exceptions to this for processing for research, statistical or archiving purposes)